Static task
static1
Behavioral task
behavioral1
Sample
0b9f443d13c2a31a3b3645c74e17c27f.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
0b9f443d13c2a31a3b3645c74e17c27f.exe
Resource
win10v2004-20231215-en
General
-
Target
0b9f443d13c2a31a3b3645c74e17c27f
-
Size
114KB
-
MD5
0b9f443d13c2a31a3b3645c74e17c27f
-
SHA1
92db753d7dccc5b8ee721f77a3b2cec455c08e9b
-
SHA256
f344864dcd805048af06283fac8fc0fa454dc6222d5f08899d93a05a8bbf86fe
-
SHA512
38323d0ed022e45cd62e4e028569f754698c464b544bfdb1d51f1420a631578ef1acecdd889f00f56d8cf7bee68702c5af7f035ae144e54f196c818b99d5bd26
-
SSDEEP
3072:FMY/WyInK2F/aXBUOKHy7xIksy84PhtDwCcRHF+OstBuui:V3moh2CcJUXt
Malware Config
Signatures
-
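Unsigned PE (1 IoC)
Static check: the PE file carries no Authenticode signature. Many legitimate binaries are also unsigned, so treat this as a weak indicator on its own.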
resource 0b9f443d13c2a31a3b3645c74e17c27f
Files
-
0b9f443d13c2a31a3b3645c74e17c27f.exe windows:4 windows x86 arch:x86
f8bf83554b54858e91bac11f12d0f3ab
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
cygcrypto-0.9.8
DES_ecb_encrypt
DES_set_key
DES_set_odd_parity
ERR_error_string
ERR_get_error
MD4_Final
MD4_Init
MD4_Update
MD5_Final
MD5_Init
MD5_Update
RSA_generate_key
cygwin1
__errno
__getreent
__main
_ctype_
_fcntl64
_fopen64
_getuid32
_impure_ptr
alarm
atoi
bind
calloc
close
connect
cygwin_internal
dll_crt0__FP11per_process
exit
fclose
fflush
fgets
fork
fprintf
fputc
fread
free
fwrite
getenv
gethostbyname
getopt
getpid
gettimeofday
index
inet_aton
inet_ntoa
kill
localtime
malloc
memcpy
memset
optarg
optind
perror
printf
putchar
puts
rand
read
realloc
recv
rewind
rindex
select
send
setvbuf
signal
sleep
snprintf
socket
socketpair
sprintf
sscanf
strcat
strchr
strcmp
strcpy
strftime
strlen
strncasecmp
strncpy
strsep
strstr
strtoul
time
unlink
usleep
wait3
write
_fcntl64
_fopen64
_getuid32
floor
cygssl-0.9.8
SSL_CIPHER_get_name
SSL_CTX_ctrl
SSL_CTX_new
SSL_CTX_set_default_verify_paths
SSL_CTX_set_tmp_rsa_callback
SSL_CTX_set_verify
SSL_connect
SSL_get_current_cipher
SSL_library_init
SSL_load_error_strings
SSL_new
SSL_read
SSL_set_fd
SSL_write
SSLv23_method
kernel32
GetModuleHandleA
Sections
.text Size: 83KB - Virtual size: 82KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 22KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: - Virtual size: 1KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE